Search results for: cyber attack
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 334

Search results for: cyber attack

334 A Reasoning Method of Cyber-Attack Attribution Based on Threat Intelligence

Authors: Li Qiang, Yang Ze-Ming, Liu Bao-Xu, Jiang Zheng-Wei

Abstract:

With the increasing complexity of cyberspace security, the cyber-attack attribution has become an important challenge of the security protection systems. The difficult points of cyber-attack attribution were forced on the problems of huge data handling and key data missing. According to this situation, this paper presented a reasoning method of cyber-attack attribution based on threat intelligence. The method utilizes the intrusion kill chain model and Bayesian network to build attack chain and evidence chain of cyber-attack on threat intelligence platform through data calculation, analysis and reasoning. Then, we used a number of cyber-attack events which we have observed and analyzed to test the reasoning method and demo system, the result of testing indicates that the reasoning method can provide certain help in cyber-attack attribution.

Keywords: Reasoning, Bayesian networks, cyber-attack attribution, kill chain, threat intelligence.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2610
333 Quick Reference: Cyber Attacks Awareness and Prevention Method for Home Users

Authors: Haydar Teymourlouei

Abstract:

It is important to take security measures to protect your computer information, reduce identify theft, and prevent from malicious cyber-attacks. With cyber-attacks on the continuous rise, people need to understand and learn ways to prevent from these attacks. Cyber-attack is an important factor to be considered if one is to be able to protect oneself from malicious attacks. Without proper security measures, most computer technology would hinder home users more than such technologies would help. Knowledge of how cyber-attacks operate and protective steps that can be taken to reduce chances of its occurrence are key to increasing these security measures. The purpose of this paper is to inform home users on the importance of identifying and taking preventive steps to avoid cyberattacks. Throughout this paper, many aspects of cyber-attacks will be discuss: what a cyber-attack is, the affects of cyber-attack for home users, different types of cyber-attacks, methodology to prevent such attacks; home users can take to fortify security of their computer.

Keywords: Cyber-attacks, home user, prevention, security, technology.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7680
332 Status and Requirements of Counter-Cyberterrorism

Authors: Jeong-Tae Kim, Tchanghee Hyun

Abstract:

The number of intrusions and attacks against critical infrastructures and other information networks is increasing rapidly. While there is no identified evidence that terrorist organizations are currently planning a coordinated attack against the vulnerabilities of computer systems and network connected to critical infrastructure, and origins of the indiscriminate cyber attacks that infect computers on network remain largely unknown. The growing trend toward the use of more automated and menacing attack tools has also overwhelmed some of the current methodologies used for tracking cyber attacks. There is an ample possibility that this kind of cyber attacks can be transform to cyberterrorism caused by illegal purposes. Cyberterrorism is a matter of vital importance to national welfare. Therefore, each countries and organizations have to take a proper measure to meet the situation and consider effective legislation about cyberterrorism.

Keywords: Cyberterrorism, cyber attack, information security, legislation

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2725
331 A Systematic Approach for Analyzing Multiple Cyber-Physical Attacks on the Smart Grid

Authors: Yatin Wadhawan, Clifford Neuman, Anas Al Majali

Abstract:

In this paper, we evaluate the resilience of the smart grid system in the presence of multiple cyber-physical attacks on its distinct functional components. We discuss attack-defense scenarios and their effect on smart grid resilience. Through contingency simulations in the Network and PowerWorld Simulator, we analyze multiple cyber-physical attacks that propagate from the cyber domain to power systems and discuss how such attacks destabilize the underlying power grid. The analysis of such simulations helps system administrators develop more resilient systems and improves the response of the system in the presence of cyber-physical attacks.

Keywords: Smart grid, resilience, gas pipeline, cyber-physical attack, security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 958
330 Preventing and Coping Strategies for Cyber Bullying and Cyber Victimization

Authors: Erdinc Ozturk, Gizem Akcan

Abstract:

Although there are several advantages of information and communication technologies, they cause some problems like cyber bullying and cyber victimization. Cyber bullying and cyber victimization have lots of negative effects on people. There are lots of different strategies to prevent cyber bullying and victimization. This study was conducted to provide information about the strategies that are used to prevent cyber bullying and cyber victimization. 120 (60 women, 60 men) university students whose ages are between 18 and 35 participated this study. According to findings of this study, men are more prone to cyber bullying than women. Moreover, men are also more prone to cyber victimization than women.

Keywords: Cyber bullying, cyber victimization, coping strategies.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1520
329 A Socio-Technical Approach to Cyber-Risk Assessment

Authors: Kitty Kioskli, Nineta Polemi

Abstract:

Evaluating the levels of cyber-security risks within an enterprise is most important in protecting its information system, services and all its digital assets against security incidents (e.g. accidents, malicious acts, massive cyber-attacks). The existing risk assessment methodologies (e.g. eBIOS, OCTAVE, CRAMM, NIST-800) adopt a technical approach considering as attack factors only the capability, intention and target of the attacker, and not paying attention to the attacker’s psychological profile and personality traits. In this paper, a socio-technical approach is proposed in cyber risk assessment, in order to achieve more realistic risk estimates by considering the personality traits of the attackers. In particular, based upon principles from investigative psychology and behavioural science, a multi-dimensional, extended, quantifiable model for an attacker’s profile is developed, which becomes an additional factor in the cyber risk level calculation.

Keywords: Attacker, behavioural models, cyber risk assessment, cyber-security, human factors, investigative psychology, ISO27001, ISO27005.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 874
328 An Investigation on Organisation Cyber Resilience

Authors: Arniyati Ahmad, Christopher Johnson, Timothy Storer

Abstract:

Cyber exercises used to assess the preparedness of a community against cyber crises, technology failures and Critical Information Infrastructure (CII) incidents. The cyber exercises also called cyber crisis exercise or cyber drill, involved partnerships or collaboration of public and private agencies from several sectors. This study investigates Organisation Cyber Resilience (OCR) of participation sectors in cyber exercise called X Maya in Malaysia. This study used a principal based cyber resilience survey called CSuite Executive checklist developed by World Economic Forum in 2012. To ensure suitability of the survey to investigate the OCR, the reliability test was conducted on C-Suite Executive checklist items. The research further investigates the differences of OCR in ten Critical National Infrastructure Information (CNII) sectors participated in the cyber exercise. The One Way ANOVA test result showed a statistically significant difference of OCR among ten CNII sectors participated in the cyber exercise.

Keywords: Critical Information Infrastructure, Cyber Resilience, Organisation Cyber Resilience, Reliability Test.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2172
327 Evaluation of State of the Art IDS Message Exchange Protocols

Authors: Robert Koch, Mario Golling, Gabi Dreo

Abstract:

During the last couple of years, the degree of dependence on IT systems has reached a dimension nobody imagined to be possible 10 years ago. The increased usage of mobile devices (e.g., smart phones), wireless sensor networks and embedded devices (Internet of Things) are only some examples of the dependency of modern societies on cyber space. At the same time, the complexity of IT applications, e.g., because of the increasing use of cloud computing, is rising continuously. Along with this, the threats to IT security have increased both quantitatively and qualitatively, as recent examples like STUXNET or the supposed cyber attack on Illinois water system are proofing impressively. Once isolated control systems are nowadays often publicly available - a fact that has never been intended by the developers. Threats to IT systems don’t care about areas of responsibility. Especially with regard to Cyber Warfare, IT threats are no longer limited to company or industry boundaries, administrative jurisdictions or state boundaries. One of the important countermeasures is increased cooperation among the participants especially in the field of Cyber Defence. Besides political and legal challenges, there are technical ones as well. A better, at least partially automated exchange of information is essential to (i) enable sophisticated situational awareness and to (ii) counter the attacker in a coordinated way. Therefore, this publication performs an evaluation of state of the art Intrusion Detection Message Exchange protocols in order to guarantee a secure information exchange between different entities.

Keywords: Cyber Defence, Cyber Warfare, Intrusion Detection Information Exchange, Early Warning Systems, Joint Intrusion Detection, Cyber Conflict

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2236
326 Active Cyber Defense within the Concept of NATO’s Protection of Critical Infrastructures

Authors: Serkan Yağlı, Selçuk Dal

Abstract:

Cyber attacks pose a serious threat to all states. Therefore, states constantly seek for various methods to encounter those threats. In addition, recent changes in the nature of cyber attacks and their more complicated methods have created a new concept: active cyber defense (ACD). This article tries to answer firstly why ACD is important to NATO and find out the viewpoint of NATO towards ACD. Secondly, infrastructure protection is essential to cyber defense. Critical infrastructure protection with ACD means is even more important. It is assumed that by implementing active cyber defense, NATO may not only be able to repel the attacks but also be deterrent. Hence, the use of ACD has a direct positive effect in all international organizations’ future including NATO.

Keywords: Active cyber defense, advanced persistent treat, critical infrastructure, NATO.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3640
325 Improving Cyber Resilience in Mobile Field Hospitals: Towards an Assessment Model

Authors: Nasir Baba Ahmed, Nicolas Daclin, Marc Olivaux, Gilles Dusserre

Abstract:

The Mobile field hospital is critical in terms of managing emergencies in crisis. It is a sub-section of the main hospitals and the health sector, tasked with delivering responsive, immediate, and efficient medical services during a crisis. With the aim to prevent further crisis, the assessment of the cyber assets follows different methods, to distinguish its strengths and weaknesses, and in turn achieve cyber resiliency. The work focuses on assessments of cyber resilience in field hospitals with trends growing in both the field hospital and the health sector in general. This creates opportunities for the adverse attackers and the response improvement objectives for attaining cyber resilience, as the assessments allow users and stakeholders to know the level of risks with regards to its cyber assets. Thus, the purpose is to show the possible threat vectors which open up opportunities, with contrast to current trends in the assessment of the mobile field hospitals’ cyber assets.

Keywords: Assessment framework, cyber resilience, cyber security, Mobile Field Hospital.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 596
324 Cyber Aggression / Cyber Bullying and the Dark Triad: Effect on Workplace Behavior / Performance

Authors: Anishya Obhrai Madan

Abstract:

In an increasingly connected world, where speed of communication attempts to match the speed of thought and thus intentions; conflict gets actioned faster using media like the internet and telecommunication technology. This has led to a new form of aggression: “cyber bullying”. The present paper attempts to integrate existing theory on bullying, and the dark triad personality traits in a work environment and extrapolate it to the cyber context.

Keywords: Conflict at Work, Cyber bullying, Dark Triad of Personality, Toxic Employee.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4379
323 Mechanisms of Internet Security Attacks

Authors: J. Dubois, P. Jreije

Abstract:

Internet security attack could endanger the privacy of World Wide Web users and the integrity of their data. The attack can be carried out on today's most secure systems- browsers, including Netscape Navigator and Microsoft Internet Explorer. There are too many types, methods and mechanisms of attack where new attack techniques and exploits are constantly being developed and discovered. In this paper, various types of internet security attack mechanisms are explored and it is pointed out that when different types of attacks are combined together, network security can suffer disastrous consequences.

Keywords: DoS, internet attacks, router attack, security, trojan, virus, worm, XSS.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2052
322 Attacks and Counter Measures in BST Overlay Structure of Peer-To-Peer System

Authors: Guruprasad Khataniar, Hitesh Tahbildar, Prakriti Prava Das

Abstract:

There are various overlay structures that provide efficient and scalable solutions for point and range query in a peer-topeer network. Overlay structure based on m-Binary Search Tree (BST) is one such popular technique. It deals with the division of the tree into different key intervals and then assigning the key intervals to a BST. The popularity of the BST makes this overlay structure vulnerable to different kinds of attacks. Here we present four such possible attacks namely index poisoning attack, eclipse attack, pollution attack and syn flooding attack. The functionality of BST is affected by these attacks. We also provide different security techniques that can be applied against these attacks.

Keywords: BST, eclipse attack, index poisoning attack, pollution attack, syn flooding attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1571
321 Facilitating a Cyber-Enabled Fraud Using the O.MG Cable to Incriminate the Victim

Authors: Damola O. Lawal, David W. Gresty, Diane E. Gan, Louise Hewitt

Abstract:

This paper investigates the feasibility of using a programmable USB such as the O.MG Cable to perform a file tampering attack. Here, the O.MG Cable, an apparently harmless mobile device charger is used in an unauthorised way, to alter the content of a file (an accounts record-January_Contributions.xlsx). The aim is to determine if a forensics analyst can reliably determine who has altered the target file; the O.MG Cable or the user of the machine. This work highlights some of the traces of the O.MG Cable left behind on the target computer itself such as the Product ID (PID) and Vendor ID (ID). Also discussed is the O.MG Cable’s behaviour during the experiments. We determine if a forensics analyst could identify if any evidence has been left behind by the programmable device on the target file once it has been removed from the computer to establish if the analyst would be able to link the traces left by the O.MG Cable to the file tampering. It was discovered that the forensic analyst might mistake the actions of the O.MG Cable for the computer users. Experiments carried out in this work could further the discussion as to whether an innocent user could be punished for the unauthorised changes made by a programmable device.

Keywords: O.MG Cable, programmable USB, file tampering attack, digital evidence credibility, miscarriage of justice, cyber fraud.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 526
320 A Distinguish Attack on COSvd Cipher

Authors: Mohammad Ali Orumiehchi ha, R. Mirghadri

Abstract:

The COSvd Ciphers has been proposed by Filiol and others (2004). It is a strengthened version of COS stream cipher family denoted COSvd that has been adopted for at least one commercial standard. We propose a distinguish attack on this version, and prove that, it is distinguishable from a random stream. In the COSvd Cipher used one S-Box (10×8) on the final part of cipher. We focus on S-Box and use weakness this S-Box for distinguish attack. In addition, found a leak on HNLL that the sub s-boxes don-t select uniformly. We use this property for an Improve distinguish attack.

Keywords: Stream cipher, COSvd cipher, distinguish attack, nonlinear feedback shift registers, chaotic layer.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1100
319 Selective Forwarding Attack and Its Detection Algorithms: A Review

Authors: Sushil Sarwa, Rajeev Kumar

Abstract:

The wireless mesh networks (WMNs) are emerging technology in wireless networking as they can serve large scale high speed internet access. Due to its wireless multi-hop feature, wireless mesh network is prone to suffer from many attacks, such as denial of service attack (DoS). We consider a special case of DoS attack which is selective forwarding attack (a.k.a. gray hole attack). In such attack, a misbehaving mesh router selectively drops the packets it receives rom its predecessor mesh router. It is very hard to detect that packet loss is due to medium access collision, bad channel quality or because of selective forwarding attack. In this paper, we present a review of detection algorithms of selective forwarding attack and discuss their advantage & disadvantage. Finally we conclude this paper with open research issues and challenges.

Keywords: CAD algorithm, CHEMAS, selective forwarding attack, watchdog & pathrater, wireless mesh network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2728
318 Cyber Crime in Uganda: Myth or Reality?

Authors: Florence Tushabe, Venansius Baryamureeba

Abstract:

There is a general feeling that Internet crime is an advanced type of crime that has not yet infiltrated developing countries like Uganda. The carefree nature of the Internet in which anybody publishes anything at anytime poses a serious security threat for any nation. Unfortunately, there are no formal records about this type of crime for Uganda. Could this mean that it does not exist there? The author conducted an independent research to ascertain whether cyber crimes have affected people in Uganda and if so, to discover where they are reported. This paper highlights the findings.

Keywords: Cyber crime, Internet crime, Uganda crime statistics.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3743
317 How Efficiency of Password Attack Based on a Keyboard

Authors: Hsien-cheng Chou, Fei-pei Lai, Hung-chang Lee

Abstract:

At present, dictionary attack has been the basic tool for recovering key passwords. In order to avoid dictionary attack, users purposely choose another character strings as passwords. According to statistics, about 14% of users choose keys on a keyboard (Kkey, for short) as passwords. This paper develops a framework system to attack the password chosen from Kkeys and analyzes its efficiency. Within this system, we build up keyboard rules using the adjacent and parallel relationship among Kkeys and then use these Kkey rules to generate password databases by depth-first search method. According to the experiment results, we find the key space of databases derived from these Kkey rules that could be far smaller than the password databases generated within brute-force attack, thus effectively narrowing down the scope of attack research. Taking one general Kkey rule, the combinations in all printable characters (94 types) with Kkey adjacent and parallel relationship, as an example, the derived key space is about 240 smaller than those in brute-force attack. In addition, we demonstrate the method's practicality and value by successfully cracking the access password to UNIX and PC using the password databases created

Keywords: Brute-force attack, dictionary attack, depth-firstsearch, password attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3427
316 An Atomic-Domains-Based Approach for Attack Graph Generation

Authors: Fangfang Chen, Chunlu Wang, Zhihong Tian, Shuyuan Jin, Tianle Zhang

Abstract:

Attack graph is an integral part of modeling the overview of network security. System administrators use attack graphs to determine how vulnerable their systems are and to determine what security measures to deploy to defend their systems. Previous methods on AGG(attack graphs generation) are aiming at the whole network, which makes the process of AGG complex and non-scalable. In this paper, we propose a new approach which is simple and scalable to AGG by decomposing the whole network into atomic domains. Each atomic domain represents a host with a specific privilege. Then the process for AGG is achieved by communications among all the atomic domains. Our approach simplifies the process of design for the whole network, and can gives the attack graphs including each attack path for each host, and when the network changes we just carry on the operations of corresponding atomic domains which makes the process of AGG scalable.

Keywords: atomic domain, vulnerability, attack graphs, generation, computer security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1599
315 Design and Implementation of Cyber Video Consultation System Using Hybrid P2P

Authors: Hyen Ki Kim

Abstract:

This paper describes the design and implementation of cyber video consultation systems(CVCS) using hybrid P2P for video consultation between remote sites. The proposed system is based on client-server and P2P(Peer to Peer) architecture, where client-server is used for communication with the MCU(Multipoint Control Unit) and P2P is used for the cyber video consultation. The developed video consultation system decreases server traffic, and cuts down network expenses, as the multimedia data decentralizes to the client by hybrid P2P architecture. Also the developed system is tested by the group-type video consultation system using communication protocol and application software through Ethernet networks.

Keywords: Consultation, Cyber, Hybrid, Peer-to-Peer

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1859
314 Graphical Password Security Evaluation by Fuzzy AHP

Authors: Arash Habibi Lashkari, Azizah Abdul Manaf, Maslin Masrom

Abstract:

In today's day and age, one of the important topics in information security is authentication. There are several alternatives to text-based authentication of which includes Graphical Password (GP) or Graphical User Authentication (GUA). These methods stems from the fact that humans recognized and remembers images better than alphanumerical text characters. This paper will focus on the security aspect of GP algorithms and what most researchers have been working on trying to define these security features and attributes. The goal of this study is to develop a fuzzy decision model that allows automatic selection of available GP algorithms by taking into considerations the subjective judgments of the decision makers who are more than 50 postgraduate students of computer science. The approach that is being proposed is based on the Fuzzy Analytic Hierarchy Process (FAHP) which determines the criteria weight as a linear formula.

Keywords: Graphical Password, Authentication Security, Attack Patterns, Brute force attack, Dictionary attack, Guessing Attack, Spyware attack, Shoulder surfing attack, Social engineering Attack, Password Entropy, Password Space.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1884
313 Effect of Amplitude and Mean Angle of Attack on Wake of an Oscillating Airfoil

Authors: Sadeghi H., Mani M., Ardakani M. A.

Abstract:

The unsteady wake of an EPPLER 361 airfoil in pitching motion has been investigated in a subsonic wind tunnel by hot-wire anemometry. The airfoil was given the pitching motion about the one-quarter chord axis at reduced frequency of 0182. Streamwise mean velocity profiles (wake profiles) were investigated at several vertically aligned points behind the airfoil at one-quarter chord downstream distance from trailing edge. Oscillation amplitude and mean angle of attack were varied to determine the effects on wake profiles. When the maximum dynamic angle of attack was below the static stall angle of attack, weak effects on wake were found by increasing oscillation amplitude and mean angle of attack. But, for higher angles of attack strong unsteady effects were appeared on the wake.

Keywords: Unsteady wake, amplitude, mean angle, EPPLER 361 airfoil.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2604
312 Using Social Network Analysis for Cyber Threat Intelligence

Authors: Vasileios Anastopoulos

Abstract:

Cyber threat intelligence assists organisations in understanding the threats they face and helps them make educated decisions on preparing their defences. Sharing of threat intelligence and threat information is increasingly leveraged by organisations and enterprises, and various software solutions are already available, with the open-source malware information sharing platform (MISP) being a popular one. In this work, a methodology for the production of cyber threat intelligence using the threat information stored in MISP is proposed. The methodology leverages the discipline of social network analysis and the diamond model, a model used for intrusion analysis, to produce cyber threat intelligence. The workings of the proposed methodology are demonstrated with a case study on a production MISP instance of a real organisation. The paper concludes with a discussion on the proposed methodology and possible directions for further research.

Keywords: Cyber threat intelligence, diamond model, malware information sharing platform, social network analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 414
311 An Attack on the Lucas Based El-Gamal Cryptosystem in the Elliptic Curve Group Over Finite Field Using Greater Common Divisor

Authors: Lee Feng Koo, Tze Jin Wong, Pang Hung Yiu, Nik Mohd Asri Nik Long

Abstract:

Greater common divisor (GCD) attack is an attack that relies on the polynomial structure of the cryptosystem. This attack required two plaintexts differ from a fixed number and encrypted under same modulus. This paper reports a security reaction of Lucas Based El-Gamal Cryptosystem in the Elliptic Curve group over finite field under GCD attack. Lucas Based El-Gamal Cryptosystem in the Elliptic Curve group over finite field was exposed mathematically to the GCD attack using GCD and Dickson polynomial. The result shows that the cryptanalyst is able to get the plaintext without decryption by using GCD attack. Thus, the study concluded that it is highly perilous when two plaintexts have a slight difference from a fixed number in the same Elliptic curve group over finite field.

Keywords: Decryption, encryption, elliptic curve, greater common divisor.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 635
310 Cryptographic Attack on Lucas Based Cryptosystems Using Chinese Remainder Theorem

Authors: Tze Jin Wong, Lee Feng Koo, Pang Hung Yiu

Abstract:

Lenstra’s attack uses Chinese remainder theorem as a tool and requires a faulty signature to be successful. This paper reports on the security responses of fourth and sixth order Lucas based (LUC4,6) cryptosystem under the Lenstra’s attack as compared to the other two Lucas based cryptosystems such as LUC and LUC3 cryptosystems. All the Lucas based cryptosystems were exposed mathematically to the Lenstra’s attack using Chinese Remainder Theorem and Dickson polynomial. Result shows that the possibility for successful Lenstra’s attack is less against LUC4,6 cryptosystem than LUC3 and LUC cryptosystems. Current study concludes that LUC4,6 cryptosystem is more secure than LUC and LUC3 cryptosystems in sustaining against Lenstra’s attack.

Keywords: Lucas sequence, Dickson Polynomial, faulty signature, corresponding signature, congruence.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 660
309 Cyber Victimization: School Experience of Malaysian Cyberbullied Teenagers

Authors: Shireen Simon

Abstract:

Cyberbullying among schoolchildren and teenagers became a hot issue discussed by Malaysian society. Cyberbullying is a new age of bullying because it uses the modern digital technology intentionally to hurt and degrade someone in the cyber world. Cyberbullying is a problem affecting many teenagers as they embrace online communication and interaction whereby virtual world with no borders. By adopting a qualitative approach, this study has captured 8 cyberbullied victims’ school experience. Even years after leaving school, these 8 cyberbullied victims remember how it feels to be bullied in the cyber world. The principal investigator also tries to identify the possibility factors that contribute to cyberbullying among these 8 victims. The result shows that these victims were bullied differently in cyber world. This study not just primarily focuses on cyberbullying issues among schoolchildren and teenagers; it also addresses the motives and causes of cyberbullying. Lastly, this article will be served as guidance for school teachers, parents and teenagers to prepare to tackle cyberbullying together. Cyberbullying is no laughing matter in our community, and it is time to spread the seeds of peace inspires others to do the same.

Keywords: Cyberbullying, cyber victimization, internet, school experience, teenagers.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3175
308 Predicting Application Layer DDoS Attacks Using Machine Learning Algorithms

Authors: S. Umarani, D. Sharmila

Abstract:

A Distributed Denial of Service (DDoS) attack is a major threat to cyber security. It originates from the network layer or the application layer of compromised/attacker systems which are connected to the network. The impact of this attack ranges from the simple inconvenience to use a particular service to causing major failures at the targeted server. When there is heavy traffic flow to a target server, it is necessary to classify the legitimate access and attacks. In this paper, a novel method is proposed to detect DDoS attacks from the traces of traffic flow. An access matrix is created from the traces. As the access matrix is multi dimensional, Principle Component Analysis (PCA) is used to reduce the attributes used for detection. Two classifiers Naive Bayes and K-Nearest neighborhood are used to classify the traffic as normal or abnormal. The performance of the classifier with PCA selected attributes and actual attributes of access matrix is compared by the detection rate and False Positive Rate (FPR).

Keywords: Distributed Denial of Service (DDoS) attack, Application layer DDoS, DDoS Detection, K- Nearest neighborhood classifier, Naive Bayes Classifier, Principle Component Analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5201
307 A Novel Approach to Avoid Billing Attack on VOIP System

Authors: Narendra M. Shekokar, Satish R. Devane

Abstract:

In a recent year usage of VoIP subscription has increased tremendously as compare to Public Switching Telephone System(PSTN). A VoIP subscriber would like to know the exact tariffs of the calls made using VoIP. As the usage increases, the rate of fraud is also increases, causing users complain about excess billing. This in turn hampers the growth of VoIP .This paper describe the common frauds and attack on VoIP based system and make an attempt to solve the billing attack by creating secured channel between caller and callee.

Keywords: VoIP, Billing-fraud, SSL/TLS, MITM, Replay-attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1600
306 Analysis of Detecting Wormhole Attack in Wireless Networks

Authors: Khin Sandar Win

Abstract:

In multi hop wireless systems, such as ad hoc and sensor networks, mobile ad hoc network applications are deployed, security emerges as a central requirement. A particularly devastating attack is known as the wormhole attack, where two or more malicious colluding nodes create a higher level virtual tunnel in the network, which is employed to transport packets between the tunnel end points. These tunnels emulate shorter links in the network. In which adversary records transmitted packets at one location in the network, tunnels them to another location, and retransmits them into the network. The wormhole attack is possible even if the attacker has not compromised any hosts and even if all communication provides authenticity and confidentiality. In this paper, we analyze wormhole attack nature in ad hoc and sensor networks and existing methods of the defending mechanism to detect wormhole attacks without require any specialized hardware. This analysis able to provide in establishing a method to reduce the rate of refresh time and the response time to become more faster.

Keywords: Ad hoc network, Sensor network, Wormhole attack, defending mechanism.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2238
305 Security Weaknesses of Dynamic ID-based Remote User Authentication Protocol

Authors: Hyoungseob Lee, Donghyun Choi, Yunho Lee, Dongho Won, Seungjoo Kim

Abstract:

Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.-s protocol is not secure to randomly chosen password attack and impersonation attack, and proposed an improved protocol. Their protocol provided mutual authentication and efficient password management. In this paper, we analyze the security weaknesses and point out the vulnerabilities of Wang et al.-s protocol.

Keywords: Message Alteration Attack, Impersonation Attack

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1715